Encryption Standards for data-in-transit and data-at-rest

Encryption details below:

• In transit is TLS v. 1.2 with AWS's 2021 recommended ciphers.
• Encrypted payload from cloud connector (within the TLS channel) uses AES-256 w/ customer encryption key.
  Each customer gets their own encryption key for in-transit encryption.
• Same AES-256 encrypted payload is at rest (outside of the TLS channel) in S3, where the bucket is AES-256 encrypted with a different Clumio-managed encryption key.
• Customer encryption keys are rotated every 30 days.